from the you-can't-make-something-work-better-just-by-rearranging-broken-parts dept

Update: In writing this post the original link to Alex Howard's piece at Huffington Post, which makes up the majority of quotes here somehow slipped. We apologize to Alex for the error..

The Department of Homeland Security (DHS) is looking to revamp its FOIA system, which is not only suffering from the over-redaction common to intelligence/security agencies, but also from a massive backlog of unfulfilled requests. As befits an agency that often can't tell the First Amendment from a terrorist threat, the effort is going badly.

First off, the DHS recently debuted its mostly-nonfunctioning FOIA request app, which would probably have added to its backlog if only it worked. But it's a move in the right direction -- greater transparency -- even if in practice, it's pretty much the equivalent of tripping over something and calling it "forward progress."

A November 2014 report from the General Accountability Office found the DHS duplicates efforts when processing FOIA requests. Holzer acknowledged the issue in a memorandum that said different departments of the DHS are using FOIA software that fails to meet federal standards.

The Holzer quoted here is the current senior director of FOIA operations at the DHS, James Holzer. Under his direction, the DHS has moved ever so slightly towards the "responsive agency" ideal. But every small step forward continues to be undermined by the agency's desire to keep its documents to itself. It currently has the greatest number of partially-filled requests of any government agency.

Part of this is due to the fact that the agency receives more requests than any other agency. And part of this is due to the government talking big about transparency, but refusing to put federal money where its mouth is.

According to the Department of Justice's annual report, there were 3,838 full-time FOIA staff members in 2014. In 2011, there were 4,396.

But part of this is due to Holzer himself, who has erected fee barriers to further distance requesters from the documents they seek.

Holzer wrote a 2014 letter that MuckRock, which provides a FOIA request and hosting service, was "not a member of the news media," though it featured journalists like Michael Morisy and Shawn Musgrave publishing journalism on matters of public interest, like domestic drone programs.

According to Holzer, MuckRock is a "commercial" entity -- apparently basing his determination solely on the fact that MuckRock has a website and internet users visit it to view FOIA documents.

Making documents available on MuckRock's website, even at no charge, drives traffic to the website and furthers its commercial purposes.

On top of all this, the DHS has also been found to censor FOIA responses for purely political reasons and has occasionally handled its massive backlog of unanswered requests by tossing thousands of them into file boxes and forgetting about them.

So, given this background, it's a little disheartening to hear that Holzer is being promoted to a position that will give him even more control over the government's end of the FOIA process.

This week, Archivist of the United States David Ferriero announced that James Holzer would be the new director of the Office of Government Information Services at the U.S. National Archives, beginning on August 9.

"Dr. Holzer’s experience administering FOIA and his demonstrated commitment to transparency will benefit OGIS, the National Archives, and the American public," said Ferriero.

Well, "commitment to transparency" means only as much as the administration itself is committed to transparency -- which isn't much. The promotion of an insider like Holzer to this post means FOIA requesters should expect little more than the status quo for the duration of his tenure. The government isn't imaginative enough to explore the areas outside its confines while filling an open FOIA oversight slot. This is the sort of job that shouldn't be left to a company man, as HuffPo's Alexander Howard points out.

It's hard to find a positive interpretation of the fact that a FOIA officer from DHS has been appointed ombudsman. FOIA requesters will need a strong advocate to arbitrate disputes and push for their requests to be addressed. A candidate from the nonprofit, academic or media worlds would be much more likely to do that than a DHS staffer.

The FOIA program will never approach the ideals of the law as long as it continues to be overseen only by government officials. Their interests are at odds with the public's in most cases. It's yet another area of government that would be better served by an advocate for the public, drawn from the public.

from the no-hard-truth-left-unhidden dept

A federal judge has ruled the CIA and Defense Department (DOD) do not have to confirm or deny whether they have records on the “factual basis for the killing” of either Samir Khan or Abdulrahman al-Awlaki, who were killed in two separate drone strikes in September and October of 2011.

The heavily-redacted order does contain some good news, however. The presiding judge ordered the Dept. of Defense and the CIA to turn over FOIAed documents to the ACLU that contain "previously acknowledged facts," thus preventing the Dept. of Justice from turning real life into a bizarre fantasy world where previously disclosed information can be treated as though it was still locked up in the agency's "TOP SECRET" digital filing cabinet.

But the obvious downside is this: because the government has been given permission to avoid confirming or denying the existence of the documents the ACLU is seeking, the search for more information on accidental deaths and collateral damage will still consist of issuing speculative FOIA requests, which will then result in more lengthy, expensive litigation.

I'm pretty sure the involved agencies believe they can outlast FOIA requesters, especially if they continue to receive mostly-favorable decisions from judges who place more faith in the government and its assertions about national security than in those who view government secrecy with considerably more skepticism. The problem is that the government has the resources to fight long legal battles. Most FOIA requesters do not.

This decision also further insulates the government from the repercussions of its own actions. By allowing the agencies to neither confirm nor deny the existence of these documents, it gives the government permission to deflect further inquiries into the oversight governing drone strikes -- and what it does when it suspects a strike has killed the wrong people.

If one accepts the government’s claims that Khan and Abdulrahman’s deaths were “accidental,” one at least has to believe the government did some kind of review after the strikes once they recognized two US citizens had been killed. This is what the ACLU suspects.

The ACLU and Center for Constitutional Rights have pursued a lawsuit challenging the constitutionality of the strikes, which killed the three US citizens. And, in this lawsuit, the ACLU has challenged the right of the government to keep information related to their deaths secret.

This sort of information is definitely of the "public interest" variety and should be given more heft when weighed against national security concerns. The American public isn't necessarily supportive of this highly-secret program and considering its complete lack of say in the matter, the least it should be given is the opportunity to more closely examine the accountability process.

Instead, the opinion allows the government to redact much of what it can't Glomar into nonexistence with the most abused FOIA exemption: b(5). Nominally for "deliberative process" documents only, the exemption has expanded to cover almost anything the government doesn't want to (immediately) reveal. About the only way to remove a b(5) exemption is through the courts -- an expensive process with low odds of success.

from the just-put-it-on-the-public's-tab dept

The CIA has been fighting to keep POW/MIA records out of Roger Hall's hands for over a decade. With that FOIA battle finally over, the CIA is now fighting to keep its money out of Roger Hall's hands. Judge Royce Lambert's order sounds a little exasperated with this vexatious defendant.

First, the CIA admits Hall (and Studies Solutions Results) have mostly won. But it then goes on to claim it shouldn't be required to follow this provision of the Freedom of Information Act -- that "substantially prevailing" plaintiffs are entitled to legal fees.

The CIA concedes that the plaintiffs have prevailed on several of their claims and that they are therefore eligible for fees. Opp'n 8. The CIA also "accepts some responsibility for the unnecessarily protracted nature of this litigation" and notes that there is "accordingly no need for the Court to consider whether the plaintiffs are entitled to an award." Furthermore, the CIA does not argue that interim fees are inappropriate or that fees should not be awarded until the conclusion of litigation.

So, what is the CIA's problem? It admits fault but only wants to pay a small fraction of what Hall is seeking. Hall claims a decade's-worth of the CIA's admittedly "unnecessarily protracted" litigation has cost him more than $400,000. The CIA thinks $75,000 is more than fair for screwing him around for 10+ years.

First, the CIA claims Hall's win isn't much of a win, and if he's racked up hundreds of thousands of dollars in legal fees, it's his own fault.

The CIA requests that the Court reduce the requested fees because plaintiffs have achieved only limited success, calling their victory "largely pyrrhic..." The CIA argues that because plaintiffs sought such "extraordinarily broad categories of records," "it was almost inevitable that litigation would ensue."

Judge Lambert points to the court record as being contradictory to the CIA's portrayal of the litigation.

This allegation is, to some extent, in tension with the statement that it "does not dispute that the plaintiffs have substantially prevailed on several of their claims." Indeed, the Court has repeatedly rejected the claim that the FOIA requests were overly broad and unduly burdensome, and now agrees that plaintiffs have achieved significantly more than a victory.

In fact, he points out it's the CIA that's been racking up loss after loss.

Overall, the Court finds that the plaintiffs in this case have been quite successful in achieving their objective: obtaining documents unlawfully withheld. When this lawsuit was filed, the CIA refused to release the requested records and failed to respond to plaintiffs' request for over a year. After many years of litigation, the CIA has released more than 4,000 documents, quite a substantial success. The Court finds that plaintiffs' actions in diligently pursuing their claims were reasonable -- even those that were ultimately unsuccessful -- and it will not use the benefit of hindsight to scrutinize every one of plaintiffs' actions.

And while the CIA attempted to use a little math to buttress its claims that Hall's litigation has been mostly unsuccessful ("CIA… specifically takes issue with a number of unsuccessful motions filed by the plaintiffs…"), it didn't bother to apply anything of the sort to its counteroffer on legal fees.

[T]he court finds it troubling that the CIA did not even attempt to analyze how many hours related to such motions, instead stating only that "a fee award up to $75,000 may be appropriate."

Which means the court now has to do the calculations the CIA couldn't be bothered to perform.

The CIA… [provided] no basis from which to determine how much of a reduction would be appropriate and [left] such calculations to the Court. This not only inconveniences the Court, but should the Court produce its own analysis for the first time in a written opinion, the plaintiffs would not have a chance to respond.

And it comes to much, much more than the CIA offered.

Applying the historic Laffey rates to Hall and SSR's total requested hours produces an award of $346,231 after billing 0.8 hours [yes, the CIA argued over 0.8 billable hours -- out of 1,008.7 total] to the clerical rate rather than the attorney rate. Their attorney, James Lesar, agreed that it is appropriate to deduct 15% of the time recorded as a matter of billing judgment, yielding an award of $294,296.40.

In addition to the $294,000, another $120,000 will be going to James Lesar himself, bringing the total award to $414,478.40.

After being presented with these results, the CIA argued that it was simply too much… by citing other cases with lower awards, no matter their relevance to the issue at hand.

The cases the CIA cites in an attempt to show that this award is out of sync with fees awarded in similar cases are not illustrative. Simply listing cases and fee awards is not helpful.

The CIA will now be lifting over $400,000 from taxpayers' wallets to pay for its combative, secretive behavior. Records pertaining to prisoners of war and missing in action soldiers are the very definition of "public interest" documents. Throughout the course of this case, the CIA repeatedly claimed otherwise, claiming that the documents might be of interest to surviving relatives/spouses only. The court disagrees.

Certainly information regarding missing following the Vietnam and Korean Wars is exactly the type of information that interests the public. Disclosure of this information has the potential to shed light on the extent, nature, intensity, and duration of the government's efforts to locate and show the degree to which the CIA has accurately informed the public about its search efforts and the information it possesses. [...] Information regarding POW/MIAs is not only of interest to the public, but hard to come by.

It's the public that's been forced to take part in a pyrrhic victory. More documents have been freed, but it took years of litigation. That bill will be footed by the same public the CIA denies has any interest in the documents. There's more information available now than there was 10 years ago, but every step of the way, the CIA used the public's money to fight against the public's interest. And now it needs another $400,000 from the public to pay back other members of the public.

The servicemen and women whose information the CIA fought to withheld would probably have reminded the public that "freedom isn't free." The payout resulting from this extensive legal fight turns those words into a ghastly parody.

from the how-nice-of-them dept

Muckrock has a story of Alex Richardson, seeking information on the IRS's Whistleblower Office, which has been receiving some scrutiny lately. Richardson filed a bunch of FOIA requests and discovered that the IRS apparently would like to make his life as difficult as possible. First he got an infamous GLOMAR "neither confirm nor deny" response -- which was supposed to be limited to national security issues. However, with at least one request, a package with a CD just arrived... and Richardson was dismayed to find the contents of the CD encrypted.

That seems a bit strange for a response to a FOIA request, since whatever is being delivered is supposed to be public, but whatever. The letter accompanying the CD explains, for reasons unknown, that while the IRS was only returning 6 of the 23 pages that had been located, it was doing so with encryption, and it would send the key separately.

Again, this seems like weird operational security for public documents. Now, also, in the response letter, it noted that the reason only 6 pages are included is because the rest were withheld under FOIA exemptions:

So you had to imagine that in those 6 pages, there should at least be some relevant information. Nope. It appears that the IRS went through all that to give a final middle finger to Richardson, because when he finally decrypted the documents... they're all redacted too. Six pages, entirely blacked out. Which makes you wonder why the other 17 were "withheld" in the first place. What difference could it have made?

As Muckrock notes at the end of its piece:

Just GLOMAR us next time, IRS. Save us both a lot of grief, and it's a lot less cruel.

from the a-win-for-the-public-somehow-a-'loss'-for-a-much-smaller-'public' dept

The US government has come up with a rather decent idea: rather than limit FOIA releases solely to the requesting party, why not release it to everyone simultaneously? On its end, this would possibly save it the trouble of dealing with multiple requests for the same information, as well edge it closer to the ideals of the Freedom of Information Act.

This isn't a new idea. Several UK government agencies already post responses to public records requests publicly, ensuring that these documents can be seen by as many people as possible. (Of course, this may change, considering the efforts being made to dial back the reach of the UK's open records law.) This decision makes sense, as the point of the FOIA is to provide records to the general public -- not just certain individuals who may or may not make them public -- in the interest of government transparency.

“FOIA terrorist” Jason Leopold has big issues with the approach. “It would absolutely hurt journalists’ ability to report on documents they obtained through a FOIA request if the government agency is going to immediately make records available to the public,” writes the Vice News reporter via e-mail. Leopold has already experienced the burn of joint release, he says, after requesting information on Guantanamo Bay. The documents were posted on the U.S. Southern Command’s Web site. “I lost the ability to exclusively report on the material even though I put in all of the work filing the requests,” he notes.

While I do sympathize with some of their concerns, I'm not all that impressed with the idea that public documents should somehow be considered proprietary, even when taking into consideration the effort made to obtain them. This argument basically boils down to journalists staking claims on public records, turning a government transparency tool into a scoop-generation device.

There's a downside to this proposed release system, but "losing" this "exclusivity" isn't part of it. Just because everyone will have access to the same documents at roughly the same time doesn't diminish the value of knowledgeable interpretations of the released information, especially if provided by the person who knew what to ask for and has considerable expertise on the subject matter.

What's more concerning is what the government is basically asking of FOIA requesters, while giving them very little in return. It's asking requesters to take the hit financially for the good of the nation -- a burden the government should be bearing, not members of the public. If requested documents qualify for the government's new "release to one, release to all" policy, then all associated fees should be waived -- no matter who is requesting them. The FOIA fee exemption applies to documents released to the public, rather than for commercial reasons. If the government is posting responsive documents "for all," even the most commercial of requesters should have all fees waived, no matter how many expenses are incurred fulfilling the request. (That the government even charges fees for public documents is still absurd, but for the sake of this argument, we'll pretend it's legit.)

More concerning is how often the government ties up FOIA requesters in litigation. This can generate significant expenses for the requester, who will never have the "unlimited" funds to battle tenaciously unresponsive agencies. It's a bit rich for the government to drag requesters through court, only to deny them whatever small financial benefits they may have received from "exclusivity" by dumping the documents into the public domain at the same time.

In addition, the government's more proactive approach will need to be watched closely. One method used to shake loose additional documents covering the same subject matter is to file multiple FOIA requests. If the government considers a single response to be final word on a particular subject, this new era of "transparency" will forever be burdened by the addition of scare quotes. It's well-known that certain agencies will knowingly perform incomplete/incomprehensive searches if they feel they can get away with it. When another request comes along looking for documents covering the same subject matter as a previous request (but with different search parameters), agencies may just point to existing online releases, rather than perform additional/more comprehensive searches that might result in new responsive documents.

Ultimately, the policy change will be a win for the greater public. A more transparent government has greater value than the perceived "exclusivity" of documents requested by media members. Hopefully, this new openness will trickle down to the many news outlets that still believe legal filings should only be quoted, but never posted where others (including competitors) can freely access them. There's a reason we include as many filings as possible when covering stories. There's no "exclusivity" in public records.

from the what-part-of-'search-your-records'-are-you-purposefully-not-understandin dept

Thanks to yet another FOIA lawsuit, more evidence is being produced that suggests certain federal agencies employ labyrinthine systems that seem deliberately designed to keep requesters as far away as possible from responsive documents.

Trentadue v. FBI deals with the release (or lack thereof) of videotapes containing footage of the 1995 Oklahoma City bombing. Four days of oral testimony has at least partially exposed the search methods used by the FBI, which the agency uses as convenient information silos, rather than treat their central database as a cohesive whole. Reporters Committee for the Freedom of the Press points out that this "system" often leads to unfulfilled or partially-filled requests. FOIA requesters are often not aware that the FBI will do a half-assed job unless led by the nose through each of its databases and document systems. (via Unredacted)

The latest testimony from the Trentadue case shows that reporters and members of the public who send FOIA requests to the FBI might not know that there are a myriad of different records "systems" that they need to specify in order for a comprehensive search to take place. They might not know that the FBI typically only searches for the location of the main file related to an investigation as reported to headquarters, so reporters should also request cross-references, which are mentions of the subject of their request in investigations outside of the main file. While field offices have FOIA-trained personnel to assist RIDS (Records Information Dissemination System), reporters should also send FOIA requests directly to individual field offices they think are relevant to the investigation, because RIDS may only request documents from the field office associated with the main file.

On top of that, the FBI utilizes an obviously misnamed Central Records System (CRS) when responding to FOIA requests. Despite the name's suggestion that it a central repository of FBI records, it actually isn't -- not because the database doesn't contain the most of the records the FBI has compiled, but because it can be searched using three different methods, all of which will return different sets of documents. The "Automated Case Support" (ACS) is the tool used to search the CRS, but that search isn't unified.

The FBI's Central Records System (CRS) contains the "universe of records" the FBI has acquired in its law enforcement operations. According to trial testimony in the Trentadue case, the Automated Case Support system ("ACS") searches the CRS, and the ACS is split into three components: the Investigative Case Management system ("ICM"), the Electronic Case File ("ECF"), and the Universal Index ("UNI").

The ICM is a case management tool for documents involved in an ongoing investigation. The ECF is broader and contains all FBI law enforcement documents uploaded to the CRS except for some aged documents, or documents not uploaded for unknown reasons. Importantly, the ECF searches the text of the documents themselves.

The FBI revealed in court that requesters basically need to know the systems as intimately as responding agents do if they expect to receive the entirety of what they're seeking. In Trentadue v. FBI, the FBI limited its search to UNI, rather than utilize the ECF, which would have found more documents thanks to its search of document text. The FBI told the court that its default method for FOIA responses is the more-limited UNI search and that it won't perform more thorough searches using other methods unless specifically asked to by the requester.

Not only that, but the FBI will decide what keywords to use when searching the database, unless required to do otherwise by the text of the request.

Testimony revealed that the one search of the CRS was made using the generic UNI keyword "OKBOMB," even though there was a wide range of keywords that could have been used in a text-based ECF search.

That's only one part of the FBI's FOIA obfuscation efforts. MuckRock's Shawn Musgrave points out that the FBI will often refuse to perform an extensive search until sued by the requester. Even worse, when knowledgable requesters have specified an ECF search, the FBI will sometimes refuse to follow this instruction.

And there's more to it than simply using the least-responsive search method by default. There's also evidence suggesting the FBI is keeping information out of requesters' hand by preventing the documents from being added to the Central Records System in the first place.

John Solomon of the Associated Press in 2004 documented the existence of so-called "I-Drives" used by the FBI, which were file-sharing drives used in the course of case management but which defense lawyers said could be used to withhold evidence. Testimony showed that the I-Drives have been replaced by "S-Drives," which serve essentially the same function. Trentadue alleges the FBI failed to search S-Drives for records responsive to his FOIA request.

Finally, as if the previous information uncovered during oral testimony wasn't damning enough, this case is on hold as the court examines witness tampering claims against the FBI, which allegedly instructed a former agent not to testify at this trial. Apparently, even the FBI's former personnel can't be "searched" properly for information, not even by the courts.

from the Y2K-COMPLIANT! dept

The DHS isn't the most responsive government agency when it comes to FOIA requests. In fact, this government in general isn't very responsive when it comes to FOIA requests. So, it's completely understandable why its brand new FOIA app is similarly unresponsive.

First off, searching the Google Play store for "DHS" or "FOIA" will NOT find the app. If you use both those words together, however, you'll find it at the top of the list. Clicking through brings you to the app's page, which shows that whatever the DHS paid for its development, it's going to be awhile before it ever returns whatever passes for ROI in publicly-funded app giveaways. 10+ downloads. That's hardly a sign of widespread adoption.

Once you click Install, you're given some information that makes no sense. Why would a government app need your location info? The question is unanswered anywhere in the app's notes. Yes, you do need to turn over a certain amount of personal information to file an FOIA request, but the location it's being sent from is irrelevant.

Now, the idea behind the app is a good one. If you're the inquisitive type, ideas for FOIA requests may strike at inopportune moments. Rather than holding onto it until you're in front of a proper computer, you can just fire one off immediately. IN THEORY.

The app doesn't store your personal information (probably a good thing), so this means every FOIA request will require you to type in your name, address, etc. all over again.

The app's shortcomings become apparent immediately. You're given a list of agencies you can request from, but it's far from complete. Most noticeably, the TSA is not on the list of available agencies and there's no option to add other DHS agencies to the list. Presumably, the TSA will be added when (or if) its FOIA system is told to play nice with the DHS app.

As for the actual entry of personal information (the thing you'll be doing EVERY SINGLE TIME YOU USE THE APP), it's a complete travesty. The UI seems to have been created by a person who knows what a fill-in-the-blank form looks like, but has never actually performed the act on anything but paper.

Look closely at this screenshot. I'm currently in the Zip Code field. You know how I know this? Because when I start punching in numbers, it starts filling up the field. There's no blinking cursor to let you know what field you're in. (Nor does it show up when you need to edit something. It only provides the little teardrop indicator underneath wherever it is [approximately] that you tapped the screen.]

The fields themselves are, um... not smart. Not a single field entry triggers uppercase letters, despite almost every field being the sort of information one normally capitalizes.

It gets worse.

Clicking on State gives you a menu of states to choose from. But not 50 of them. Not even a dozen of them. You'd better hope you live in states None-Colorado because there is no way to scroll down the list (it's static) or even manually enter your state's name.

At this point, I gave up. It's not even worth using as a last resort. You'd be better off writing a reminder in a functioning app and using the DHS's website (or a clearinghouse like MuckRock) to do this twice as fast with half the hassle. The fields are unresponsive, your keyboard routinely covers what you're trying to type in, and, for no apparent reason, the government now knows approximately where you last angrily yelled at its terrible app.

I am hoping this app improves over time -- not because I plan to make use of it, but because it will show the agency is actually trying to make its agency more accessible and transparent, rather than just settling for a "Will this do?" app that actually won't do. Not at all. And I guarantee the development of this app costs more than the development of apps with twice the capability and with at least a passing knowledge of common UI features.

from the DEFAULT:-HIDE dept

Weird TrueCrypt-related things keep happening. Over the past few years, TrueCrypt has gone from "recommended by Snowden!" to a service of questionable trustworthiness. To begin with, it was never clear who exactly was behind TrueCrypt and the lack of a recent security audit wasn't winning it many new converts.

Things went from somewhat bad to disturbingly worse when, shortly after the first phase of the audit was completed, a post went up at SourceForge declaring the software insecure and that all development had been halted. The post pushed users towards BitLocker. Further development was left to the public and more testing seemed to indicate it was still trustworthy, even though it relied on possibly predictable random number generator.

Whether or not TrueCrypt can fully be trusted remains up in the air. But there's some indication that the FBI has taken an interest (probably an unhealthy one) in TrueCrypt's inner workings.

The documents that won't be making their way to Sandvik appear to be three technical articles not written by FBI personnel and ones that have appeared elsewhere in unredacted form.

In further explanation of the withholding, the material consists of three, copyrighted articles: Easy to Crack USB Thumbdrives, March 12, 2008 by Daniel Bachfeld; EEEP Net: "FOUO Network", April 2014 by Greg Fulk; Techno Forensics Conference, October 2007 at NIST by Dave Reiser, and a training slide presentation, Anti-Forensics, November 2, 2007 by Secure Computing.

The 2008 article may be somewhat related to the FBI's failed attempt to crack TrueCrypt encryption protecting hard drives owned by Brazilian banker Daniel Dantas, who was suspected of several financial crimes. The Brazilian government asked for the FBI's help after spending five months of its own attempting the same thing. A year later, the drives remained intact.

So, why is the FBI holding these back? Nothing in these papers discusses anything that could possibly be considered a "trade secret." If these are secrets, they're pretty open. Searching for "anti-forensics" turns up a wealth of scholarly papers and presentations that discuss both encryption and TrueCrypt.

This is just the FBI obfuscating for obfuscation's sake. But its knee-jerk reaction to withhold everything in its entirety also suggests something slightly more troubling. Either the intelligence/investigative arms of the US government have found a way in (by obtaining keys or compromising the RNG) or they're still very actively involved in trying to do so. Neither bodes particularly well for TrueCrypt users.

from the the-system-fights-the-system! dept

Kevin Johnson: Three-time NBA All-Star. Former (embattled) president of the National Council of Black Mayors. Outgoing (non-embattled) president of the US Conference of Mayors. Frequent litigant. Destroyer of public records. Suer of his own city. Only a couple of these can be considered flattering.

The suit against Sacramento News & Review writer Cosmo Garvin makes a little sense, at least in terms of disputing the release of documents. But it makes less sense in context. Another newspaper (Sacramento Bee) made a similar request but has not been named in the lawsuit, apparently because it acquiesced to Johnson's lawsuit threat and altered its records request. (The Sacramento Bee denies doing so, instead claiming it withdrew its request while waiting for the city attorney to make a determination as to which emails will be released. It may not be acquiesence, but it still serves Johnson's purpose, seeing as this withdrawal didn't occur until after the mayor's lawyers announced his intention to sue.)

Among the communications the city attorney was prepared to release were emails between Johnson and lawyers from Ballard Spahr, a firm Johnson used during his brief and debacle-filled reign as NCBM president. Johnson’s suit, however, argues that an exemption in the public-records laws for communications between an attorney and client should prevent their release.

Johnson claims these emails are protected by attorney-client privileges and shouldn't be released. He (through his lawyer) claims to be all about transparency and the disclosure of "all appropriate public records." Apparently, he feels these emails are not and maintains it has nothing to do with his highly-disputed, exceedingly brief tenure as the president of the National Council of Black Mayors (NCBM). This assertion would carry a bit more weight if (a) his time at the helm of the NCBM wasn't marked by allegations of abuse of his position to support his wife's business and career, and (b) if he hadn't previously admitted -- on record -- that he had destroyed documents subject to public records requests.

Johnson testified Tuesday in Superior Court on a separate matter, and acknowledged that he deleted text messages regarding a $500 million sports arena partly funded by the city.

Johnson said he deleted the text messages despite being advised by city staff to save all electronic communication regarding the arena deal with the Sacramento Kings.

Garvin notes that the timing of Johnson's public record-blocking lawsuit is catastrophic, at best.

"This is on the day that the front page of the [Sacramento] Bee is about the mayor deleting texts," Garvin said. "It's the same time the city is getting ready to delete thousands and thousands of emails ... which they've never done before."

Adding to the ugliness surrounding Johnson's litigious desires to maintain a murky relationship with the public is his past abuse of his NCBM position. Considering he'd already been dumped by the Council for his questionable actions, the NCBM is far from pleased that it's listed as a co-plaintiff in Johnson's legal fight against transparency. In fact, the two entities are still engaged in plenty of litigation against each other.

Williams and other NCBM board members were also surprised the group was listed as a plaintiff in Johnson’s lawsuit, given how contentious the mayor’s relationship with them has been. Johnson was elected president of NCBM in 2013 under disputed circumstances. The group’s general counsel voided Johnson’s election just two weeks into his presidency, and Johnson sued to have his presidency restored. He and NCBM officials have been suing each other ever since. Williams is personally suing Johnson for defamation.

To combat Johnson's co-opting of whatever goodwill remains towards the organization, the Council has signed a resolution that disavows any participation in Johnson's open records litigation and calls for all disputed emails to be released. Johnson is now learning that allies are like family members: you don't get to choose either one.

While Johnson may have a point about privileged communications, it's completely undercut by his actions. He (and his staff) have used personal email accounts in hopes of skirting public records requests and he has openly admitted that he has destroyed information responsive to records requests against both city policy and direct instructions to maintain these records.

In 2003, PLN filed a Freedom of Information Act (“FOIA”) request with the Federal Bureau of Prisons seeking all documents showing money the Bureau paid in connection with lawsuits and claims brought against it between January 1, 1996, and July 31, 2003.

That's right. Twelve years past its original request and the Appeals Court has reversed and remanded the decision to the district court to finally get it right. At the heart of the decade-plus legal battle is the supposed "categorical redaction" of personal information, which, upon examination by the Appeals Court, appears to be anything but categorical. It could charitably be called "inconsistent," despite the government's claims that it has a right to utilize a blanket exception.

But before we get to that point, we need to take a look at the past 12 years. PLN filed this request in 2003 and received no documents at all until it sued the BOP two years later. At that point, the Bureau suddenly found 11,000 documents -- about a third of which were handed over in redacted form.

Of those, 102 are still being disputed. FISA-famous Judge Reggie Walton (operating in his less-surveillance-oriented district court position) granted summary judgment in favor of the Bureau of Prisons in 2013 -- eight years after the Bureau first started releasing documents to Prison Legal News. The appeal of that decision leads us to where we are today: finally seeing an endpoint to a dispute over public records that is now entering its second decade of litigation and spans three presidential elections.

The Appeals Court disagrees with Walton's concession to blanket personal information exemptions, mainly because the Bureau's careless application of this exemption showed little attention had been paid to the underlying information or truly weighed against the public's interest.

Both the final Vaughn index and the Moorer Declaration lump the privacy interests of all claimants and any perpetrator or witness whose information is redacted into categories based on the type of document in which the individual’s information appears. Both provide only cursory statements such as those described above to justify the redactions.

It's not that the government can't use categorial redactions, the Appeals Court explains. It's that it can't apply this exemption categorically when the redactions cover such a wide variety of information.

The categories, centered as they are on specific types of filed documents, include a wide range of claims covering various degrees of privacy interests. As PLN points out, the privacy interest of tort claimants will be different when they are claiming injury from a slip and fall as compared to a sexual assault. The EEOC claims also present a diverse picture and can hardly be considered a category that “‘characteristically support[s] an inference’ that the statutory requirements for exemption are satisfied.”

But the government has applied this categorical exemption, either due to laziness or a desire to obfuscate. The twelve-year legal battle suggests the latter. This isn't the only "failure" of the categorical redactions. In the disputed documents, the government decided privacy interests outweighed the public interest, no matter the underlying circumstances. The court finds this "inconsistent," at best.

There is another problem with the categorical approach here – it fails to distinguish between redacting the identity of the alleged victim and the identity of the alleged perpetrator. This distinction is significant with respect to the employees’ interest in keeping their information private. But the Bureau has made no effort to distinguish between the privacy interests of employees who are victims and those who are perpetrators. In fact, it has offered little support for redacting information that would identify perpetrators.

Even its inconsistency is inconsistent.

In addition, the Bureau has not been consistent in shielding the names of its employees accused of wrongdoing. While redacting the names of those accused of discriminating in Exhibits 1 (Doc. 110-5) and 2 (Doc. 110-6), it did not redact the name of a Bureau employee who was the alleged perpetrator of a sexual assault on an inmate in Exhibit 3 (Doc. 110-7). Joint Appendix 274, 291, 302. The Bureau never explains its inconsistency. Neither the Stroble Vaughn index nor the Moorer Declaration provides insight into why the names of some alleged perpetrators are redacted while others are revealed.

This arbitrary use of a blanket exemption leads to the ridiculousness of treating a minor injury as no different than five months of improper imprisonment… or alleged sexual assault by a prison employee.

In the scheme of things, one would think that an employee’s eye injury resulting from the throwing of a screw is vastly different from a sexual assault on an inmate and that the privacy interests of the victims and perpetrators in these two cases will be different. These examples are sufficient to show that the privacy interests involved in a given type of claim do not fall within a single category that “characteristically support[s] an inference that the statutory requirements for exemption are satisfied.”

In the end, the case is remanded to the lower court for further examination of the balancing of personal and public interest. The decision points out that this balance must be examined in detail and cannot be simply handed over to blanket exemptions, other than that of a few distinct individuals (medical professionals who treat inmates, inmates who have filed claims against prisons, etc.).

At some point -- even possibly this year -- Prison Legal News may finally receive the final documents it's been seeking for the last twelve years. I guess this shows the system still works, even if it routinely suffers from hard resets and significant downtime.